You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm currently using spring security 6.2 which internally uses OpenSAML 4.3 Java library to handle the SAML assertion received from the IDP. However, I've encountered an issue where OpenSAML relies on the bcprov-jdk18on library, which is not compliant with FIPS standards. To align with my project's requirements for FIPS-compliant libraries, I integrated bc-fips version 1.0.2.4. However, this change has led to numerous "class not found" errors, and the system is not functioning correctly. Could you advise on how to effectively use bc-fips with OpenSAML? Additionally, is it possible for bcprov and bc-fips to coexist within the same JVM environment?
Does bc-fips have all implementation of bcprov ? In what case we can assume bc-fips work as a replacement of bcprov?
The text was updated successfully, but these errors were encountered:
Hello Team,
I'm currently using spring security 6.2 which internally uses OpenSAML 4.3 Java library to handle the SAML assertion received from the IDP. However, I've encountered an issue where OpenSAML relies on the bcprov-jdk18on library, which is not compliant with FIPS standards. To align with my project's requirements for FIPS-compliant libraries, I integrated bc-fips version 1.0.2.4. However, this change has led to numerous "class not found" errors, and the system is not functioning correctly. Could you advise on how to effectively use bc-fips with OpenSAML? Additionally, is it possible for bcprov and bc-fips to coexist within the same JVM environment?
Does bc-fips have all implementation of bcprov ? In what case we can assume bc-fips work as a replacement of bcprov?
The text was updated successfully, but these errors were encountered: